Apache · Apache Nifi · CVE-2018-17192
**Name of the Vulnerable Software and Affected Versions**
Apache NiFi versions prior to 1.8.0
**Description**
The issue arises from inconsistent application of the X-Frame-Options headers in HTTP responses, leading to potential clickjacking attacks due to incorrect interpretation by some browsers.
**Recommendations**
For Apache NiFi versions prior to 1.8.0, upgrade to Apache NiFi 1.8.0 or a later version to ensure consistent application of security headers and mitigate the risk of clickjacking attacks.